- Remote IP Logged for TACACS+ and RADIUS
- (8.3.0.4) - The spsadmin account has been removed.
- (8.3.0.4) - Appliances can now be configured to reject self-signed certificates. This feature addresses CVE-2020-12143 and CVE-2020-12143.
- (8.3.0.4) - A new IKE-less seed distribution mechanism is now supported in ECOS. This feature addresses CVE-2020-12142.
- (8.3.0.4) - API changes have been made to restrict traversal of other directories, limiting access to sensitive data.
- (8.3.1.0) - Changes have been made that greatly reduce or eliminate the possibility of a cross-site forgery request (CSRF) on the appliance.
- (8.3.1.0) - Support for 25 Gbps fiber interface cards in the EC-XL appliance.
- (8.3.1.0) - Added a new custom bonding option that performs load-balancing based on tunnel capacity.
- (8.3.1.0) - Added a new link bonding option that supports user-configurable link prioritization and traffic steering/load balancing policies.
- (8.3.1.0) - IPSec anti-replay window protection has been enhanced to support window size of up to 64K.
- (8.3.1.0) - Traceroute is now supported across stateful-SNAT firewall type, across allow-all type with NAT configured, as well as across EdgeHA links.
- (8.3.1.0) - The Top Applications report now excludes Silver Peak control (non-user) traffic.
- (8.3.1.0) - Ping IPSLA monitor has been enhanced to include loss/latency measurements and thresholds.
- (8.3.1.0) - Ping IPSLA can now be directed into a 3rd party IPSec or GRE tunnel.
- (8.3.1.0) - EC-V now supports up to 32 interfaces along with auto-mac configuration.
- (8.3.1.0) - IPv6 DHCP is now supported on WAN interfaces.
- (8.3.1.0) - The internet breakout feature has been enhanced, enabling selection of the best quality internet link for local break-out based on user-defined criteria.
VXOA 8.2
- Branch NAT
- Multi-Region Subnet Sharing
- IPSec Service Chaining IKEv2
- BGP over IPSec
- Multicast GUI Support
- BGP Configuration of Source Address
- (8.2.1) - Route Filtering
- (8.2.1) - IPFIX Enhancements
- (8.2.1) - LAN-side VTI
- (8.2.1) - Dead Peer Detection (DPD) for IPSec Service Chaining
- (8.2.1) - Application Inference Engine
VXOA 8.1
- Enhanced Application Visibility
- BGP Routing
- Interface bonding on 10Gbps ports
- IPv6 UPD, GRE and IPSec tunnels
- SHA-2 Hash for IPSec
- Extended DHCP Server Options
- SNMPv3 Enhancements
- Custom HTTPS certificate support for appliance management
- Flow redirection on any configured physical interface
- Return passthrough traffic to L2 sender
- (8.1.3) Fine grained control of management traffic
- (8.1.4) DNS Application Classification Enhancement
- (8.1.4) Internet Breakout with Stateful Firewall and NAT
- (8.1.5) IP SLA tracking
- (8.1.5) PPPoE Interfaces
- (8.1.5) Redesigned Configuration > Interfaces page
- (8.1.5) Improved Application Classification by Port
- (8.1.5) Per-Flow Maximum Rate Control
- (8.1.5.3) EC-US Appliance Support
- (8.1.5.3) Modified High Efficiency Bonding
- (8.1.6) Edge High Availability
- (8.1.6) IPSec UDP Overlays (IKEless tunnels)
- (8.1.6) Mini License (supports up to 50mbps)
- (8.1.6) Configurable BGP Parameters (Local Preference • MED (Multi-Exit Discriminator) • AS Prepend Count • Keep Alive Timer • Hold Timer)
- (8.1.6) Configurable Interface for SAAS Probes
- (8.1.7) IPv6 Support for Inline Router Mode
- (8.1.7) BGP Enhancements (Soft reset • Input Metric • Communities)
- (8.1.7) Inbound Port Forwarding
- (8.1.7) Shaper Enhancements (Rebalance)
- (8.1.7) TCP MSS Clamping for Internet Breakout
- (8.1.7) Flow Redirection on WAN Interfaces
- (8.1.7) TCP Acceleration for IPv6
- (8.1.7) Cloud-Init Support
- (8.1.7) OSPF (Beta)
- (8.1.8) Zone Based Firewall
- (8.1.8) 3rd party IPSec Tunnels
- (8.1.8) IPFIX
- (8.1.8) IP SLA Enhancements
VXOA 8.0
- Business Intent Overlays
- Deployment Profiles
- Packet-Based Dynamic Path Control (DPC) or Bonded Tunnels
- Built-in DHCP server and relay
- Inbound QoS
- Support for IPv6 PBR deployments
- (8.0.3) - Support for additional hardware appliance part numbers
VXOA 7.3
- Support for the Unity EdgeConnect XS and V.
- Current Flows tab can report on flows that are experiencing slow LAN-side performance.
- Reset non-accelerated TCP connections.
- DRC configuration now available on web interface: Configuration > Shaper
- (7.3.1) - Support for the Unity EdgeConnect L, XL
- (7.3.2) - Support for the Unity EdgeConnect S
- (7.3.3) - Fast fail (sub-second failover) for Dynamic Path Control (DPC)
- (7.3.3) - Support for the Unity EdgeConnect M
Orchestrator 8.10
- Intelligent Upgrades
Orchestrator 8.9
- IKE-less Seed Distribution To address CVE-2020-12142
- Portal Migration Wizard The Orchestrator
- Auto-prune Tunnels from Removed Appliances
- Improved Response Times for Top ‘X’ Charts
- Support for New Alarm: Insufficient Bandwidth for Tunnels
- OAuth 2.0 Support for Identity Access Management (IAM)
- (8.9.2) - Disable Self-signed Certificates To address CVE-2020-12143 and CVE-2020-12144
- (8.9.2) - Loopback Orchestration
Orchestrator 8.8
- PPPoE in preconfiguration
- Loopback & VTI in preconfig
- Ikev2 enhancements
- Reset flows confirmation
- BGP ASN and Local communities
- Maintenance Mode
- Notification Banner
- Tunnels to Hubs in other region
- DHCP Failover
- Bandwidth tier licensing
- (8.8.3) IPFIX UI Enhancements
- (8.8.3) Increased Capacity for Inbound Port Forwarding Rules, up to 100
- (8.8.3) Route Map Enhancements
- (8.8.3) Microsoft Virtual WAN Orchestration (beta)
- (8.8.3) Zscaler Orchestration to support load balancing of IPSec tunnels and support for new geo-location APIs
- (8.8.3) Check Point Integration
Orchestrator 8.7
- Branch NAT
- DHCP relay per VLAN
- Source address for BGP
- ACL Policy enhancement
- Display peer role (hub/spoke) in routes
- Added capability to configure the logging level for implicit firewall drop between zones.
- Loopback interfaces in Appliance Wizard
- VTI and Loopback Interfaces
- Redesigned BIO and regional overlays
- Realtime updates from Microsoft Office 365
- Role based access
- Alarm Suppression
- TACACS and RADIUS enhancements. Support “Remote only” and “Local if Remote Unavailable”
Orchestrator 8.6
- Multicast routing
- Firewall rule logging
- Tech Support - Orchestrator tab improvement. Files can now be downloaded to the Orchestrator first
- Routes Tab Filter
- Flows tab improvements - new filters:Overlay and Transport filters, Flow characteristics, Duration filters, Include built-in and HA, and various other checkboxes
- Zscaler Orchestration
- Support Any Protocol in Inbound Port Forwarding
- Verify Email Address optional if Orchestrator is configured with a custom SMTP server
- Regions Tab
- License revocation and grant support for metered license model
- Firewall logging for Security Policies
Orchestrator 8.5
- Orchestrator has been redesigned to handle large networks.
- MOS Statistics
- Define Custom severity for Alarms
- Delay Alarm Emails
- Backup Orchestrator to HTTPS or SFTP servers as well as FTP, HTTP and SCP
- Pre-Configuration using YAML files in Orchestrator before Zero Touch Provisioning occurs.
- HTTP/HTTPS IPSLA ping monitors
- IPFIX support
- Wild Card Based prefix Matching in Policies
- Block Network Orchestation via Cloud Portal
- Preconfiguration
- Allow ECDSA certificates for Saas
- Health map sorting
- 'Find Preferred Route' dialog available when editing Configuration > Routes
- Configurable Statistics Retention
- Overlapping LAN side subnets
- Support IPv6 internal subnets on the Business Intent Overlay page
- Configurable tunnel alarm aggregation
- Notes for interfaces on Deployment page
- Boost Trends report
- Software Versions tab redesigned
- Preconfiguration Passthrough Tunnels and Flow Redirection
- IP Directed Broadcast available in templates
- Nonaccelerated TCP Inactivity Timeout available in System template
- New routes states that indicate peer’s role as Hub or Spoke
- BGP Graceful restart
- Zone based Firewall Statistics
- Suppress Tunnel creation using Tunnel Exceptions tab
- (8.5.2) Orchestration ETA progress and prioritization
Orchestrator 8.4
- Overlay ACL
- Maximum Orchestrator backups to retain now configurable
- RMA Wizard
- Upgrade appliances via Configuration Wizard
- Tree filters
- Transceiver information for EC-M-B and EC-M-P models SFP interfaces
- Admin up/down datapath interfaces
- Account key protection
- IP/Port wildcard pattern match
- IPFIX Flow Export
- IPSLA HTTP Ping
- Enable / Disable Default DNS Lookup
- Auto-MTU Discovery Scheduler
- Interface Dynamic Rate Control
- Compound Applications
- IPSec Pass-Through Tunnels
Orchestrator 8.3
- Overlay Region Support
- Orchestration of Templates (Groups)
- Inbound Port Forwarding Orchestration
- Cross Connect Grouping
- (8.3.3) OSPF support
- (8.3.3) Interface Bandwidth Summary report
- (8.3.3) Orchestrator in-place upgrade (no revert to previous Orch version from this point on)
- (8.3.3) Appliance Flow Trends tab enhancements
- (8.3.3) Authentication protocols for TACACS and RADIUS
- (8.3.3) Alarms in CSV format
- (8.3.3) CLI shell from UI
- (8.3.3) Remote assistance
- (8.3.3) TCP MSS clamping
- (8.3.6) Unreachable appliances are now shown grey in the tree
- (8.3.6) Network Manager role deprecated
- (8.3.6) Saas ping interface configurable
- (8.3.6) Configurable VLAN for Edge HA
- (8.3.6) Pause Orchestration
Orchestrator 8.2
- IPSec UDP overlays
- Packets per second trends tab
- Tech Support improvements (appliance and Orchestrator tabs)
- Orchestrator system dump
- Application Visibility and Classification (AVC)
- Edge Connect High Availability HA Support
- Controlling statistics collection
- IP Whitelist
Orchestrator 8.1
- Improved Health Dashboard
- Dynamic Topology Geomap
- Live View
- Traceroute support in the GUI
- Policy maps enhancements
- BGP support
- Flow tab enhancement
- Top Talkers, domains, countries and ports
- Tunnel Bandwidth, DSCP, Jitter and Traffic Class Pie Charts
- Appliance Flow, DSCP, QoS and Jitter Trends
- Scheduled reports improvements
- HTTPS Certificates Upload template
- Custom SSL certificate for Orchestrator UI
- Geo location support for Discovered Appliances tab
- Deployment configuration tab improvements
- DHCP leases by appliance
- Built-in applications
- Overlay Manager controls
- Overlay boost button improvement
Orchestrator 8.0
- Health Dashboard
- Deployment Profiles
- Overlay Topology
- Tunnel charts per overlay
- Labels (VXOA 8.0)
- Tunnel Groups replace Tunnel Builder (VXOA 6.2.11)
- Shaper, policy and ACL template support (VXOA 8.0)
- Registration removed from Cloud Portal template (VXOA 7.0)
- VRRP Template (VXOA 6.2.11)
- Tunnel templates now support fast fail threshold (VXOA 7.3.3)
- New Shaper report (VXOA 8.0)
- Consolidated Audit Log tab
- Appliance Configuration backup (VXOA 6.2.11)
- New Deployment report
- Bulk import subnets from .csv now supported
Orchestrator 7.3 (EoL)
- Appliance discovery (VXOA 6.2.11)
- Tunnel summary report
- Scheduled group reboot/shutdown
- Scheduled group QoS map activation
- SMTP settings dialog
- Scheduled timezone dialog
- Third party licenses page
- Silver Peak appliances licenses page
- Cloud Portal registration template (VXOA 7.2)
- SaaS Optimization template (VXOA 7.2)
- CLI template (VXOA 6.2.11)
GMS 7.2 (EoL)
- HTML email reports (VXOA 6.2)
- Appliance discovery (VXOA 6.2.10)
- Alarms via email
- Time based QoS (VXOA 6.2)
- GMS Backup
- Historical Jobs
- VMware vROps Integration (VXOA 6.2.10)
- New charts added
- New templates added
- New configuration reports added
- REST API
No comments:
Post a Comment